@Adrian when posting code add bbcode code tags [code]...[/code]
around it. These have been added for you up to this point.
Changing the database extension that code uses doesnât change the program logic that the code is using to accomplish a task. Unfortunately, following along with information you find on the web has two major problems - 1) a lot of the information is out of date, is filled with unnecessary things that donât add any value, and are missing useful things that would get code to work or to tell you why it doesnât work, and 2) repoducing things you see isnât teaching you the meaning of what you are doing, so when it doesnât work, you have no idea how to troubleshoot it.
Logging in, i.e. authenticating who someone is, involves comparing two pieces of information that only they know, which were previously stored in a database table when they registered, e.g. a user identifier, such as a username or an email address, and a password, with a hash of that password stored in the database table. To authenticate who someone is, you would query the database table to find the row matching the first piece of user information (username/email), retrieve the row and test if the submitted password matches the saved password hash. When authentication is successful, you ârememberâ who the logged in user is by sorting the userâs id (auto-increment integer primary index from the users table) in a session variable. You then test for the existence of this session variable on any page to determine if the visitor is logged in. Any login form and form processing code should be on the same page as this results in the simplest logic and the best User eXperience (UX.)
Does your current login system do all of the above? Any tutorial you find should do these things and more, such as detecting if a post method form has been submitted before accessing the form data, trimming all data before using it, validating all inputs separately, setting up a unique and helpful error message for each validation test that doesnât pass, displaying the validation errors when the form is redisplayed, and re-populate the appropriate form field values with the previously summitted data so that user doesnât need to keep reentering the same values over and over.